Researcher Finds A Big Security Flaw In Samsung Android Devices

Researcher Finds A Big Security Flaw In Samsung Android Devices

The flaw was acknowledged by US National Vulnerability Database, who gave it a risk rating of 7.8 out of 10.    Saturday, November 01, 2014:  As per the recently released reports certain security flaws have been identified in Samsung Android phones which might allow hackers to remotely control the smartphone over the internet. Using the flaw, they’ll be able to perform different functions over the smartphones like locking and unlocking the device, displaying a customized message on the screen, finding its location on a map or even wiping the details, without the owner being able to do anything to stop it. Not even that, it can even be used in more advanced hacks like ransom attacks. The zero-day flaw in Samsung’s Find My Mobile feature was discovered by researcher Mohamed Baset. Find My Mobile feature allows users to find their lost or stolen devices. But the reports reveal that the Korean IT giant, Samsung is not keeping any check over the Find My Mobile, about from where the requests are coming from, which might allow hackers to imitate the device owners. It was acknowledged by U.S. National Vulnerability Database, who gave it a risk rating of 7.8 out of 10. The agency said in an advisory notice, “The Remote Controls feature on Samsung mobile devices does not validate the source of lock-code data received over a network, which makes it easier for remote attackers to cause a denial of service (screen locking with an arbitrary code) by triggering unexpected Find My Mobile network traffic.” Samsung has not yet addressed this particular issue, but there was a video uploaded by “Baset” on YouTube which broadly highlighted the flaws.